<!DOCTYPE html>
<html>
  <head>
      <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
  <meta content="yes" name="apple-mobile-web-app-capable" />
  <meta content="black" name="apple-mobile-web-app-status-bar-style" />
  <meta name="referrer" content="never">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <meta name="author" content="kveln">
  <title>kubeadmin 快速部署k8s集群 | John Wong&#39;s Blog</title>
  <link href="https://cdn.bootcss.com/twitter-bootstrap/4.3.1/css/bootstrap.min.css" rel="stylesheet">
  <!-- <link href="https://blog.jwangkun.com/media/css/bootstrap.min.css" rel="stylesheet"> -->
  <!--  <link href="https://blog.jwangkun.com/media/css/all.min.css" rel="stylesheet" type="text/css"> -->
  <link href="https://cdn.bootcss.com/font-awesome/5.11.2/css/all.min.css" rel="stylesheet">
  <link href='https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
  <link href='https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800' rel='stylesheet' type='text/css'>
  <link rel="alternate" type="application/rss+xml" title="kubeadmin 快速部署k8s集群 | John Wong&#39;s Blog » Feed" href="https://blog.jwangkun.com/atom.xml">
  <link rel="stylesheet"href="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@9.15.10/build/styles/androidstudio.min.css">
  <link href="https://blog.jwangkun.com/styles/main.css" rel="stylesheet">
  <script src="https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js"></script>
  <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@9.15.10/build/highlight.min.js"></script>
  <!-- <script src="https://blog.jwangkun.com/media/scripts/jquery.min.js"></script> -->
  <script>hljs.initHighlightingOnLoad();</script>
  

    <meta property="og:description" content="kubeadmin 快速部署k8s集群"/>
    <meta property="og:url" content="https://blog.jwangkun.com/post/tfQ89II3o/"/>
    <meta property="og:locale" content="zh-CN"/>
    <meta property="og:type" content="website"/>
    <meta property="og:site_name" content="John Wong&#39;s Blog"/>
  </head>
  <body>
  	<!-- Navigation -->
  <nav class="navbar navbar-expand-lg navbar-light fixed-top" id="mainNav">
    <div class="container">
      <a class="navbar-brand" href="https://blog.jwangkun.com">John Wong&#39;s Blog</a>
      <button class="navbar-toggler navbar-toggler-right" type="button" data-toggle="collapse" data-target="#navbarResponsive" aria-controls="navbarResponsive" aria-expanded="false" aria-label="Toggle navigation">
        Menu
        <i class="fas fa-bars"></i>
      </button>
      <div class="collapse navbar-collapse" id="navbarResponsive">
        <ul class="navbar-nav ml-auto">
          
          <li class="nav-item">
              
              <a class="nav-link" href="/">首页</a>
              
          </li>
          
          <li class="nav-item">
              
              <a class="nav-link" href="/archives">归档</a>
              
          </li>
          
          <li class="nav-item">
              
              <a class="nav-link" href="/tags">标签</a>
              
          </li>
          
          <li class="nav-item">
              
              <a class="nav-link" href="/post/about">关于</a>
              
          </li>
          
        </ul>
      </div>
    </div>
  </nav>
  <!-- Page Header -->
  <header class="masthead" style="background-image: url('https://blog.jwangkun.com/media/images/home-bg.jpg')">
    <div class="overlay"></div>
    <div class="container">
      <div class="row">
        <div class="col-lg-8 col-md-10 mx-auto">
          <div class="post-heading">
          	<span class="tags">
          	 
            <a href="https://blog.jwangkun.com/tag/efVGHoi38/" class="tag">Kubernetes</a>
            
        </span>
            <h1>kubeadmin 快速部署k8s集群</h1>
            <span class="meta">
            	Posted on
              2020-09-15，6 min read
            </span>
          </div>
        </div>
      </div>
    </div>
  </header>

  <!-- Post Content -->
  <article>
    <div class="container">
      <div class="row">
        <div class="col-lg-8 col-md-10 mx-auto">
          <p><strong>安装要求</strong></p>
<p>在开始之前，部署Kubernetes集群机器需要满足以下几个条件：</p>
<p>• 一台或多台机器，操作系统 CentOS7.x-86_x64</p>
<p>• 硬件配置：2GB或更多RAM，2个CPU或更多CPU，硬盘30GB或更多</p>
<p>• 集群中所有机器之间网络互通</p>
<p>• 可以访问外网，需要拉取镜像</p>
<p>• 禁止swap分区</p>
<!-- more -->
<p><strong>学习目标</strong></p>
<ol>
<li>
<p>在所有节点上安装Docker和kubeadm</p>
</li>
<li>
<p>部署Kubernetes Master</p>
</li>
<li>
<p>部署容器网络插件</p>
</li>
<li>
<p>部署 Kubernetes Node，将节点加入Kubernetes集群中</p>
</li>
<li>
<p>部署Dashboard Web页面，可视化查看Kubernetes资源</p>
</li>
</ol>
<p>准备环境</p>
<p>关闭防火墙：</p>
<pre><code>$ systemctl stop firewalld

$ systemctl disable firewalld

$ iptables -F
</code></pre>
<p>关闭selinux：</p>
<pre><code>$ sed -i &quot;s/^SELINUX=enforcing/SELINUX=disabled/g&quot; /etc/selinux/config

$ sed -i &quot;s/^SELINUX=permissive/SELINUX=disabled/g&quot; /etc/selinux/config

$ setenforce 0
</code></pre>
<p>$ cat /etc/selinux/config</p>
<pre><code># **This file controls the state of SELinux on the system.**
# **SELINUX= can take one of these three values:**
#     **enforcing - SELinux security policy is enforced.**
#     **permissive - SELinux prints warnings instead of enforcing.**
#     **disabled - No SELinux policy is loaded.**
SELINUX=disabled
# **SELINUXTYPE= can take one of three two values:**
#     **targeted - Targeted processes are protected,**
#     **minimum - Modification of targeted policy. Only selected processes are protected.**
#     **mls - Multi Level Security protection.**
SELINUXTYPE=targeted
</code></pre>
<p>关闭swap：</p>
<pre><code>$ swapoff -a $ 临时

$ vim /etc/fstab $ 永久

$ sed -i 's/.**swap.**/#&amp;/' /etc/fstab
</code></pre>
<p>cat /etc/fstab</p>
<pre><code># **/etc/fstab**
# **Created by anaconda on Mon Mar  4 17:23:04 2019**
# **Accessible filesystems, by reference, are maintained under '/dev/disk'**
# **See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info**
dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=3dd5660e-0905-4f1e-9fa3-9ce664d6eb94 /boot                   xfs     defaults        0 0
dev/mapper/centos-home /home                   xfs     defaults        0 0
#**/dev/mapper/centos-swap swap                    swap    defaults        0 0
</code></pre>
<p>将桥接的IPv4流量传递到iptables的链：</p>
<pre><code>$ cat &gt; /etc/sysctl.d/k8s.conf &lt;&lt; EOF

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

EOF
</code></pre>
<pre><code>$ sysctl --system
</code></pre>
<p>修改文件句柄限制</p>
<pre><code>echo &quot;* soft nofile 65536&quot; &gt;&gt; /etc/security/limits.conf

echo &quot;* hard nofile 65536&quot; &gt;&gt; /etc/security/limits.conf

echo &quot;* soft nproc 65536&quot;  &gt;&gt; /etc/security/limits.conf

echo &quot;* hard nproc 65536&quot;  &gt;&gt; /etc/security/limits.conf

echo &quot;* soft  memlock  unlimited&quot;  &gt;&gt; /etc/security/limits.conf

echo &quot;* hard memlock  unlimited&quot;  &gt;&gt; /etc/security/limits.conf
</code></pre>
<p>所有节点安装Docker/kubeadm/kubelet</p>
<p>Kubernetes默认CRI（容器运行时）为Docker，因此先安装Docker。</p>
<p>安装Docker</p>
<pre><code>$ wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

$ yum -y install docker-ce-18.06.1.ce-3.el7

$ systemctl enable docker &amp;&amp; systemctl start docker

$ docker --version

Docker version 18.06.1-ce, build e68fc7a
</code></pre>
<p>添加阿里云YUM软件源</p>
<pre><code>$ cat &gt; /etc/yum.repos.d/kubernetes.repo &lt;&lt; EOF

[kubernetes]

name=Kubernetes

baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=1

repo_gpgcheck=1

gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg

https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

EOF
</code></pre>
<p>导入gpgkey文件</p>
<pre><code>$ wget https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg

$ rpm --import yum-key.gpg

$ wget https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

$ rpm --import rpm-package-key.gpg
</code></pre>
<p>安装kubeadm，kubelet和kubectl</p>
<p>由于版本更新频繁，这里指定版本号部署：</p>
<pre><code>$ yum install -y kubelet-1.13.3 kubeadm-1.13.3 kubectl-1.13.3 kubernetes-cni-0.6.0

$ systemctl enable kubelet
</code></pre>
<p>部署Kubernetes Master</p>
<p>由于默认拉取镜像地址k8s.gcr.io国内无法访问，这里指定阿里云镜像仓库地址。</p>
<pre><code>$ kubeadm init \

--apiserver-advertise-address=10.0.52.13 \

--image-repository registry.aliyuncs.com/google_containers \

--kubernetes-version v1.13.3 \

--service-cidr=10.1.0.0/16 \

--pod-network-cidr=10.244.0.0/16
</code></pre>
<p>使用kubectl工具：</p>
<pre><code>mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config
</code></pre>
<p>安装Pod网络插件（CNI）</p>
<pre><code>$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
</code></pre>
<p>确保能够访问到quay.io这个registery。</p>
<p>加入Kubernetes Node</p>
<p>向集群添加新节点，执行在kubeadm init输出的kubeadm join命令：</p>
<p>kubernetes培训-kubeadmin.png</p>
<pre><code>kubeadm join 10.0.52.13:6443 --token nqg5gl.zr84xb63z2ve7dbn --discovery-token-ca-cert-hash sha256:3e43b9c41dd74ba0f46c260d0e0b6663993cf4563c3852384916d76338d6202e
</code></pre>
<p>在master执行</p>
<pre><code>$ kubectl get nodes
</code></pre>
<p>测试kubernetes集群</p>
<p>在Kubernetes集群中创建一个pod，验证是否正常运行：</p>
<pre><code>$ kubectl create deployment nginx --image=nginx

$ kubectl expose deployment nginx --port=80 --type=NodePort

$ kubectl get pod,svc
</code></pre>
<p>访问地址：http://NodeIP:Port</p>
<p>部署 Dashboard</p>
<pre><code>kubectl apply -f kubernetes-dashboard.yaml

kubectl apply -f admin-dashboard.yaml
</code></pre>
<p>访问地址：http://NodeIP:30001</p>

          
          <p class="next-post">下一篇：
            <a href="https://blog.jwangkun.com/post/1siCRcJND/">
              <span class="post-title">
                 MinIO 集群安装部署&rarr;
              </span>
            </a>
          </p>
        
        <div class="comment">
          
        </div>
      </div>
    </div>
  </article>
 <!-- Footer -->
  <footer>
    <div class="container">
      <div class="row">
        <div class="col-lg-8 col-md-10 mx-auto">
          <ul class="list-inline text-center">
            
            
              
            
              
            
              
            
              
            
              
            
              
            
              
              <li class="list-inline-item">
              <a href="https://blog.jwangkun.com/atom.xml" target="_blank">
                <span class="fa-stack fa-lg">
                  <i class="fas fa-circle fa-stack-2x"></i>
                  <i class="fas fa-rss fa-stack-1x fa-inverse"></i>
                </span>
              </a>
              </li>
          </ul>
          <p class="copyright text-muted">Copyright &copy;<span>John Wong&#39;s Blog</span><br><a href="https://github.com/getgridea/gridea" class="Themeinfo">Powered by Gridea</a></p>
        </div>
      </div>
    </div>
   </footer>
  <!-- Bootstrap core JavaScript -->
  <script src="https://cdn.bootcss.com/twitter-bootstrap/4.3.1/js/bootstrap.bundle.min.js"></script>
  <!-- <script src="https://blog.jwangkun.com/media/scripts/bootstrap.bundle.min.js"></script> -->
  <!-- Bootstrap core JavaScript -->
  <script src="https://cdn.jsdelivr.net/gh/Alanrk/clean-cdn@1.0/scripts/clean-blog.min.js"></script>
  <!-- <script src="https://blog.jwangkun.com/media/scripts/clean-blog.min.js"></script> -->
  <script src="//instant.page/3.0.0" type="module" defer integrity="sha384-OeDn4XE77tdHo8pGtE1apMPmAipjoxUQ++eeJa6EtJCfHlvijigWiJpD7VDPWXV1"></script>
  <style type="text/css">a.back_to_top{text-decoration:none;position:fixed;bottom:40px;right:30px;background:#f0f0f0;height:40px;width:40px;border-radius:50%;line-height:36px;font-size:18px;text-align:center;transition-duration:.5s;transition-propety:background-color;display:none}a.back_to_top span{color:#888}a.back_to_top:hover{cursor:pointer;background:#dfdfdf}a.back_to_top:hover span{color:#555}@media print,screen and(max-width:580px){.back_to_top{display:none!important}}</style>
<a id="back_to_top" href="#" class="back_to_top">
  <span>▲</span></a>
<script>$(document).ready((function(_this) {
    return function() {
      var bt;
      bt = $('#back_to_top');
      if ($(document).width() > 480) {
        $(window).scroll(function() {
          var st;
          st = $(window).scrollTop();
          if (st > 30) {
            return bt.css('display', 'block')
          } else {
            return bt.css('display', 'none')
          }
        });
        return bt.click(function() {
          $('body,html').animate({
            scrollTop: 0
          },
          800);
          return false
        })
      }
    }
  })(this));
  var _hmt = _hmt || [];
(function() {
  var hm = document.createElement("script");
  hm.src = "https://hm.baidu.com/hm.js?84ab85460bfbe79dbe5776a1df139a8f";
  var s = document.getElementsByTagName("script")[0]; 
  s.parentNode.insertBefore(hm, s);
})();
  </script>
  
<script type="text/javascript" src="https://v1.cnzz.com/z_stat.php?id=1279350888&web_id=1279350888"></script>

  </body>
</html>

